Pinball Sucks wrote:I finally gave in to DL and paid them in the end to avoid the ongoing stress (one of the original Pinball cases). I didn't do it and I know I shouldn't have paid and in all probability would never have been taken to court, but the stress was too much and keep coming back.

The point of this post was that I was really not happy signing their undertakings as they were impossible to comply with. So I offered to pay with the following undertakings which they accepted. Both of these undertakings I know I can fulfill.I also never admitted it and paid, protesting my innosence.

"I undertake to never knowingly upload, download or make available any intellectual property of Topware Interactive from my personal computer without their prior consent, or authorise my wireless network to be used for that purpose.

I undertake to secure my wireless network router with up to date secure encryption (e.g. WPA) noting that WEP does not provide sufficent security in order to minimise unauthorised access to my network."

If anyone does wish to pay up, only do so with undertakings you are happy with.

You wimped out, not only did you contribute to the 'lets screw all the others fund' you have actively contributed financially to their disgusting intimidation of innocent people, HOW DO YOU FEEL ABOUT THAT?

Last edited by PorkyPig on Sun Aug 31, 2008 8:13 am, edited 2 times in total.

Metoo wroteI am DEFINATELY not responsible for downloading THIS game, I have no memory of playing it at all. What worries me more now is that I have, in the past, downloaded music and other games. If they are able to get hold of this internet activity, I was told this could be used to persuade a judge I am -likely- to be responsible (afterall, it only has to be 'on the balance of probabilities').

Just think about this for a second. There are millions of people using the internet in the UK. It is not feasable for any ISP to keep traffic records of each subscriber. The best that an ISP could do is monitor a specific subscriber's activity over a set period of time. This too would require a court order and not likely to be given in a civil case like this - in a criminal case yes.

MrFredPFL wrote:metoo: i would bet at least as much money as DL demands from you that your ISP cannot currently provide anyone with any such information (namely, a list of other things you have downloaded). because of recent developments in the UK, it sounds like the government will soon start requiring ISPs to log such data when possible, but at the moment, they don't do it.

as for the barwinska case: until such time as i see any more actual info about it, i see no point in playing guessing games.

UK ISP's are already starting to monitor for specific protocols being used. There's is no legal requirement for them to do so as yet, but this coming soon.

Pinball Sucks wrote:I finally gave in to DL and paid them in the end to avoid the ongoing stress (one of the original Pinball cases). I didn't do it and I ...

You wimped out, not only did you contribute to the 'lets screw all the others fund' you have actively contributed financially to their disgusting intimidation of innocent people, HOW DO YOU FEEL ABOUT THAT?

Keep things friendly please, different people are going to respond in different ways, and whos to say that one way is the right way for everyone to respond. Although innocent people paying up will not help things overall, it really is down to individual to decide what they want to do.

unhappy: "monitoring for protocols used" is not the same as being able to provide a listing of things you have downloaded. as far as i am aware, no UK ISP is currently capable of providing such a list. if you have evidence to the contrary, then by all means please share it with us.

with all the false claims DL has used to attempt to frighten people into paying, ask yourself this question: if they actually had access from your ISP of a list of things you have downloaded/uploaded, don't you think they would use THAT as a threat? why even bother to try to frighten people if you have that data available? why not just take them ALL to court?

metoo's lawyer friend is probably a wonderful person, and a great lawyer - but that doesn't make him an expert in every field. in my opinion, he is wrong about what information an ISP actually logs. maybe someday, what he describes will be feasible. but it isn't today.

Fred - yes I agree, that was my point to. There's no way an ISP could log all internet traffic.

As for monitoring, as far as I am aware a few of the UK ISPs are now monitoring for protocol use, specifically those use for P2P file-sharing. At the moment they are only sending out warnings to users but I believe this is the start of the basis for legislation.

It's my understanding that ISP's cannot store or monitor your internet activity without first telling you that they are doing it otherwise it's a breach of privacy. It's much the same as what Logistep were/are doing by spying on and logging IP's without first telling those involved that they were doing it - I believe that's what the Swiss data commisioner accused them of. In other words if your ISP hasn't told you that they log activity (check your T&C's) then they aren't and the data isn't there for DL to take advantage of.

My wife received a letter from Davenport Lyons on friday morning, asking for Â£565 or they will take her to court for a bigger payment reagrding a game called Test Drive Unlimited.

My wife was ready to use our overdraft to pay it, as she didn't want to go to court.

While she was looking into that I searched the internet and found this site. I am amazed at how much of this is going on, but also relieved that we are not the only ones getting letters.

We have not had much sleep because of this , but reading through 100's of comments has made us feel a little better.

We have come to the decision not to pay. We will write to Davenport denying their allegations. I do not understand anything about Data Protection , the Law, or how IP addresses are obtained. However I do know that my wife or anyone else in the household, has not downloaded any such game.

Congratulations to enigmax for securing the use of a lawyer, hope it all goes well for all our sakes.

We shall both keep a vestied interest in this forum and any outcome regarding the lawyer many of you will be using.

Duracell wrote:It's my understanding that ISP's cannot store or monitor your internet activity without first telling you that they are doing it otherwise it's a breach of privacy. It's much the same as what Logistep were/are doing by spying on and logging IP's without first telling those involved that they were doing it - I believe that's what the Swiss data commisioner accused them of. In other words if your ISP hasn't told you that they log activity (check your T&C's) then they aren't and the data isn't there for DL to take advantage of.

Is was reported in the press earlier that Virgin Media (and I believe others) were to monitor for P2P filesharing, and send warning letters to anyone found.

If you read their terms and conditions it says:

"We reserve the right to monitor and control data volume and/or types of traffic transmitted via the interactive services on your Virgin TV and/or Internet access"

Their acceptable use policy states:

Use of Material

4.1. You are prohibited from storing, distributing, transmitting or causing to be published any Prohibited Material through your use of the Services. Examples of "Prohibited Material" shall be determined by us (acting in our sole discretion) and shall include (but are not limited to) material that:

4.1.2. infringes or breaches any third party's intellectual property rights (which shall include, but not be limited to copyright, trade mark, design rights, trade secrets, patents, moral rights, paternity rights and performance rights) - this includes the use, distribution and/or copying of any material without the express consent of the owner;

4.1.3. is in violation of any law or regulation that is enforceable in the United Kingdom;

4.1.4. unsolicited promotional or marketing material;

4.1.5. chain letters or pyramid selling schemes; and

4.1.6. programs containing viruses, hoaxes or any tools designed to compromise the security of other websites and/or systems. However, you may pass samples of malware in a safe manner to appropriate agencies for the purpose of combatting its spread.

4.2. For the avoidance of doubt, the storage upon and/or distribution over our systems by any User of "pirated" software, or any other materials that are not expressly licensed to the User, will constitute a violation of this section 4 of the AUP. 4.3. We reserve the right to inform and/or report the storage, distribution, transmission, retransmission or publication of Prohibited Material (and/or any other materials which may constitute unlawful conduct by Users) to relevant authorities and/or regulators, in addition to any action we may take as outlined in this AUP.

I too doubt that an ISP could log all internet traffic/packets or MACs behind the modem/router. If sharing a cable modem you will need another router and router'/pc/laptop networking unit's MAC can be easily altered anyway.Just another question out of curiosity, what happens when the DL letter addresses to a wrong spelt name because the ISP got it wrong in the first place ?

If they had issued a criminal law suit then they would have many victims who qualified for legal aid i.e. a FREE solicitor. By taking civil action it is not possible to obtain legal aid (as far as I am aware) and therefore the victims are more likely to pay up rather than risk an extortionate layers bill

Interestingly though, I believe that they have to incite criminal charges to the ISP before the provider will hand over personal information. If they had approached the ISP from a civil prosecution angle the ISP would be under no obligation to release our details.

They have bent the rules to suit themselves and I will celebrate like I've never celebrated before if DL go down on this

This is a total con based on loopholes in the law, entrapment maybe

Last edited by geoffro on Sun Aug 31, 2008 3:59 pm, edited 1 time in total.

All isp's that have traffic shaping policies use systems that identify the protocol being passed so as to assign a priority.For example BT use the ellacoya switch,if it sees bit torrent it assigns it the lowest priority level if it sees voip it assigns it the fastest channel, if it cant identify it because of encryption or it hasnt been profiled it assigns it to the lowest level.Another good reason for not using the main ISP's.

The storing of information of who does what and when is not as far as i know done , but a bill being put through parliament is going to change this and all information will be held in a central government database,this information will be available for access to hundreds of authorities in the UK and also europe wide.viewtopic.php?t=44205

just some info i dont want this to go off topic i want to see DL nailed.

johnjohn wrote:I too doubt that an ISP could log all internet traffic/packets or MACs behind the modem/router. If sharing a cable modem you will need another router and router'/pc/laptop networking unit's MAC can be easily altered anyway.

To get a list of MACs behind a router would require the router's firewall to be breached or unauthorised access to the router's settings.. either way is a breach of the Computer Misuse Act 1990.

johnjohn wrote:Just another question out of curiosity, what happens when the DL letter addresses to a wrong spelt name because the ISP got it wrong in the first place ?

Write back stating that no one of that name resides at the address. It would add weight to the argument that the system is flawed should it go further.

geoffro wrote:If they had issued a criminal law suit then they would have many victims who qualified for legal aid i.e. a FREE solicitor. By taking civil action it is not possible to obtain legal aid (as far as I am aware) and therefore the victims are more likely to pay up rather than risk an extortionate layers bill

Interestingly though, I believe that they have to incite criminal charges to the ISP before the provider will hand over personal information. If they had approached the ISP from a civil prosecution angle the ISP would be under no obligation to release our details.

They have bent the rules to suit themselves and I will celebrate like I've never celebrated before if DL go down on this

This is a total con based on loopholes in the law, entrapment maybe

exactly the point ive tried to make about logistep,dl hide logistep very well by the time you get intimidated by the rest of there letters logistep is the last thing on ur mind,BUT they should be the first thing that comes to mind,there not regulated they seem to be a law to themselves dl make you believe they are james bond or the like,but the main point is it started as criminal not civil,very underhand indeed,its like getting assaulted getting no criminal conviction and then trying to claim in a civil court for damages ?

Pinball Sucks wrote:I finally gave in to DL and paid them in the end to avoid the ongoing stress (one of the original Pinball cases). I didn't do it and I ...

You wimped out, not only did you contribute to the 'lets screw all the others fund' you have actively contributed financially to their disgusting intimidation of innocent people, HOW DO YOU FEEL ABOUT THAT?

Keep things friendly please, different people are going to respond in different ways, and whos to say that one way is the right way for everyone to respond. Although innocent people paying up will not help things overall, it really is down to individual to decide what they want to do.

If people that are truly innocent pay DL to avoid a potentially costly court case, in my my opinion they are an immense part of the problem.

What sane person would pay Â£550.00 to an aggressive bunch of lawyers, lawyers by the way lie for a living, it's what they do, paying up for something you never did just DISGUSTS me and it encourages DL to go after even more innocent victims.

I'm sickened that people will pay these people just on the strength of their threatening letters, I've had them all and have had this hanging over me since March 2007, I'm never going to pay them for something I never did!!

A certain german ex con has instigated all this crap, if people want to wimp out and pay up, go ahead, just don't whine about it on these forums!

I'm making no apololgies for my stance on this matter, if you're offended - TOUGH!

i found all the people i contacted via the internet... i contacted my local CAB first and they suggested a few others and i simply googled them to find out how to contact them. i did all my conversations over the phone, ensuring i got names or references where appropriate. i would therefore recommend you start with your local CAB

further i have put out a plea for legal assistance via my local 'Freecycle Cafe' which (for those who have never heard of it) is a site that allows people to post offers and wanted 'ads' for items, advice etc. had no lawyers respond yet but am ever hopeful someone will be interested. will keep you informed.

we are all obviously spread out nationally and i assume internationally but those based in the uk perhaps if you were to find similar local forums and ask for any one who might be able to help. surely there must be more legal bods out there willing to help us.

PorkyPig wrote:You wimped out, not only did you contribute to the 'lets screw all the others fund' you have actively contributed financially to their disgusting intimidation of innocent people, HOW DO YOU FEEL ABOUT THAT?

Keep things friendly please, different people are going to respond in different ways, and whos to say that one way is the right way for everyone to respond. Although innocent people paying up will not help things overall, it really is down to individual to decide what they want to do.

I'm making no apololgies for my stance on this matter, if you're offended - TOUGH!

No one is asking for an apology for your stance, PorkyPig. What we are asking of you is to follow the rules of these forums. In future, please refrain from any personal attacks.

moving right along

Ross Wheeler, CEO of Albury.net.au, referring to the Australian Governments internet filtering plan wrote:"It's the most ill-conceived pile of stupidity by the biggest bunch of cretins that I've ever seen in my life"

HiI have just found this forum, and joined I to have just recieved a letter from D/L with regards downloading A game called Test Drive Unlimited last sept 07 have read the replys so far, which i can see is lots, can some one please give me a little bit of help with what i should do please, as most people say don,t pay I would like to here from people that have also had letters and here what they have done and what has happened Thanks... Oh by the way they were asking for Â£560.00

Comrades,A number of people have been asking about the information that ISPs store about their subscribers, and whether UK ISPs actually track (and store) the sites that individuals visit. I know a bit about ISP network structure and procedures, but be warned that I don't know for sure about the methods that DL are using, so in that respect it's an educated guess. Let's start with some facts:

Associating IP addresses with user details (name, address, etc.)Broadband networks that use ADSL technology have to use an authentication mechanism to make sure you are who you say you are when you connect to the network. Of course ADSL connects over a fixed telephone line so you might think this is enugh proof, but remember that in the UK you can buy broadband service from about 200 different ISPs (eg. Vodafone, Tesco, Post Office) and most of these ISPs do not own facilities in the local telephone exchange. So in this case the authentication mechanism is used to decide if you are a valid user of, say Tesco's broadband service.

At the same time the retail ISP will use the authentication mechanism to assign a "public" IP address for this session. Note that this "public" IP address is the one that will be used by all the traffic from your home. Your broadband router will use a technique called NAT to allow you a number of "private" IP addresses (usually 192.168.0.XXX) that can be used inside your home network. Most ISPs use dynamic "public" IP addresses by default, but the way that address allocation works means that your "public" IP address could be somewhat "sticky" (ie. you might be given the same IP address even if you disconnect from the ADSL network and reconnect).

The protocol that ISPs use for this authentication and address assignment is called RADIUS. So in more technical articles about the DL fiasco you may hear reference to the "RADIUS records". RADIUS records are not standardised - different ISPS format the records in different ways. But normally RADIUS records are just plain text data files (comma-separated values, or CSV usually) that contain something like:

DATE, TIME, MAC*, USER_NAME, IP_ADDRESS**

* This would be the MAC address of the ADSL port on the modem or router - in other words the MAC address of the "telephone port". Note that as at least one member has pointed out, the ISPs cannot see the MAC addresses of PCs on the "home side" on the broadband connection. This is nothing to do with firewalls actually, it's a direct consequence of the way Layer 3 routers operate (MAC addresses are stripped from IP packets as they pass through routers).

**This is the "public" IP address assigned to you for this "session". The session duration could be extremely long - typically if you keep your router switched on, connected to the DSL network, and do not reboot, this IP address will stay the same. You can find out your real, public IP address by using a site such as: http://whatismyip.com/ .

RADIUS records are not especially "bulky" because they're just text files. In the past ISPs tended to store these records until they ran out of disc space, or some careless support guy deleted them by accident (there are many examples of lost records, or records that were corrupted when people tried to convert them from one layout to another). In other words, the procedures for storing this information have been somewhat erratic. It gets more difficult because of ISP mergers and acquisitions - for example Carphone Warehouse bought the 1 million AOL UK subscribers recently. So what are the odds of the AOL RADIUS records being stored in the same format as the Talk Talk RADIUS records? Do not underestimate the problem of browsing RADIUS records!!

As part of the War Against Terror the UK government has decided to firm up these procedures and is asking ISPs to store RADIUS records for at least 2 years. Because there will be a formal requirement for this information to be retained, and to be viewable by law enforcement bodies, ISPs have to tidy up their procedures for storing and backing up this information. There may also be some efforts to standardise the representation of this information, but that's not terribly important really because the information stored is so simple. Also it would be hard to convert 2 years' worth of records for several million subscribers.

OK, that's for ADSL, but how does Cable work?Cable networks, now exclusively Virgin in the UK, do not use RADIUS as such, but they do have similar address allocation mechanisms, and records.

You might think of Virgin as being a single, homogeneous organisation but of course that's not true. Most recently the Virgin network was at least two different companies - NTL and Telewest. And originally there were 24 (I think) cable TV franchise regions defined under the original legislation. And the legislation prohibited a single company from buying up adjacent TV regions. This ensured incompatibility between the CATV technologies of the day, but by the time Internet access was offered over these systems some consolidation was already taking place. Even so, Virgin also has some internal consistency challenges to overcome, even if it appears to be a single company.

So if ISPs don't record what I'm browsing, how does DL know I downloaded this pinball game?Bubbster gave an accurate account of this earlier in the thread, but let me recap. DL are just scumbag lawyers, so they employ Logistep to do the following. A Logistep person will fire up a given P2P package - like Bit Torrent. They will search for a given file based on which content owner they are doing business with. In this example content owner is Topware Interactive, and the game is Dream Pinball 3D. The way all P2P software works is that it needs to know the IP address of the person sharing all or part of the specific file.

This is how DL knows the IP address of people who are sharing Dream Pinball 3D.

Note, they also know you're sharing the real file (as opposed to seeding a dummy file called something like "dream_pinball_3d.rar"). You see all these files have a "checksum", or actually something rather more sophisticated called an MD5 hash. The hash is essential for the correct operation of P2P software, and so it's easily available for Logistep to record during their "forensic operation".

So now Logistep has a list of IP addresses of people on Bit Torrent who are sharing the Dream Pinball file, on specific dates, and at specific times. They also have proof that it's the "real file" via the MD5 hash.

This is the "evidence" that they send to you via the ISP (second page of the letter in most cases).

The next step is to filter the IP addresses so that only UK-based IP adresses are used (because this process has already been ruled as illegal in mainland Europe). This is easy because ISPs have to apply for public IP address blocks. So they cam also tell which ISP a given address belongs to.

Now DL has to approach the ISPs and ask for them (the ISP) to provide the name and address of the person who had been allocated this IP address over the relevant time period (remember IP addresses can change). The ISP consults their RADIUS records to determine this. It's not clear to me why ISPs are providing this information given that copyright infringment is not a criminal activity, but hey!

So is this process reliable?Nope. The RADIUS systems used by the ISPs are a hopeless mish-mash of home-written scripts. I used to work for a company that was specifically trying to sell a product to UK ISPs that relied on the RADIUS data. I can tell you that up to 2 years ago it was a total mess. It's probably a bit better today because of the War on Terror legislation, but the recent case of "mistaken identity" of a Tiscali user is a clear indication of how things can go wrong.

If I was a lawyer fighting this, it's the reliability of RADIUS records that I would attack, using expert witnesses who have worked inside UK ISPs, and who are familiar with the procedures. Any lawyer worth the name should be able to establish reasonable doubt over the RADIUS records. Once a few of these cases had been brought, I suspect a strong precedent could be established that would prevent DL continuing their campaign, and even that a counter suit for extortion could be built.

Apologies for the long post but I feel strongly that if the lawyers who are fighting these cases fully understood the sloppy procedures used by UK ISPs for RADIUS data, then they would be much better equipped to fight the case.